VILLAIN Benjamin

New generation of network access controller: an SDN approach

The user access control in private networks is an old problem addressed today by physical controllers placed inside the networks. These controllers, expensive, difficult to setup and maintain hinder the deployment of an access to wireless internet everywhere and for everyone. This thesis aims to propose a new way of thinking access control architectures in order to share a controller between a multitude of clients whose networks are independent. An industrial implementation of such a controller was made and deployed in concrete projects. In the rest of the thesis we explore the possibility to create borders controllers from OpenFlow type SDN generic equipments. Our problematic was to be able to share private information of an SDN network with an external captive portal. A proposal was made to intercept application flows and modify them at the OpenFlow controller to implement HTTP redirects. We have shown that the solution is effective under actual conditions of use and extensible to other application protocols.